Mercurial > hg > nginx-site
comparison xml/en/docs/http/ngx_http_ssl_module.xml @ 2618:0b98a81f196b
Documented the ssl_reject_handshake directive.
author | Yaroslav Zhuravlev <yar@nginx.com> |
---|---|
date | Tue, 27 Oct 2020 22:07:25 +0000 |
parents | d8bf37d20449 |
children | 78161967514f |
comparison
equal
deleted
inserted
replaced
2617:6684517c9d19 | 2618:0b98a81f196b |
---|---|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> | 8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
9 | 9 |
10 <module name="Module ngx_http_ssl_module" | 10 <module name="Module ngx_http_ssl_module" |
11 link="/en/docs/http/ngx_http_ssl_module.html" | 11 link="/en/docs/http/ngx_http_ssl_module.html" |
12 lang="en" | 12 lang="en" |
13 rev="50"> | 13 rev="51"> |
14 | 14 |
15 <section id="summary"> | 15 <section id="summary"> |
16 | 16 |
17 <para> | 17 <para> |
18 The <literal>ngx_http_ssl_module</literal> module provides the | 18 The <literal>ngx_http_ssl_module</literal> module provides the |
603 </para> | 603 </para> |
604 | 604 |
605 </directive> | 605 </directive> |
606 | 606 |
607 | 607 |
608 <directive name="ssl_reject_handshake"> | |
609 <syntax><literal>on</literal> | <literal>off</literal></syntax> | |
610 <default>off</default> | |
611 <context>http</context> | |
612 <context>server</context> | |
613 <appeared-in>1.19.4</appeared-in> | |
614 | |
615 <para> | |
616 If enabled, SSL handshakes in | |
617 the <link doc="ngx_http_core_module.xml" id="server"/> block will be rejected. | |
618 </para> | |
619 | |
620 <para> | |
621 For example, in the following configuration, SSL handshakes with | |
622 server names other than <literal>example.com</literal> are rejected: | |
623 <example> | |
624 server { | |
625 listen 443 ssl; | |
626 ssl_reject_handshake on; | |
627 } | |
628 | |
629 server { | |
630 listen 443 ssl; | |
631 server_name example.com; | |
632 ssl_certificate example.com.crt; | |
633 ssl_certificate_key example.com.key; | |
634 } | |
635 </example> | |
636 </para> | |
637 | |
638 </directive> | |
639 | |
640 | |
608 <directive name="ssl_session_cache"> | 641 <directive name="ssl_session_cache"> |
609 <syntax> | 642 <syntax> |
610 <literal>off</literal> | | 643 <literal>off</literal> | |
611 <literal>none</literal> | | 644 <literal>none</literal> | |
612 [<literal>builtin</literal>[:<value>size</value>]] | 645 [<literal>builtin</literal>[:<value>size</value>]] |